RIP Signal: Russians kill trust in many EU diplomats’ beloved messaging app
· EUobserverPegasus enables the attacker to turn a smartphone into a surveillance device (Source: EU Council)
RIP Signal: Russians kill trust in many EU diplomats’ beloved messaging app
Unlock article and share
By Andrew Rettman,
Farewell then, Signal, go-to app for security-conscious EU diplomats, journalists, and activists: You’ve been compromised one too many times.
The Russians hacked it in Germany, a Reuters investigation said on Saturday. They also did it in the Netherlands, Dutch intelligence said on 9 March, while senior EU officials shut down a Signal group due to hacking fears in April, said Politico.
State-intrusion aside, it costs $10,000 (€8,500) to $20,000 to get someone’s Signal chat content on the data black-market, depending on the target’s seniority, a European intelligence source told EUobserver ($2,000 to $4,000 for WhatsApp).
For $200 to $400 a name you can buy people’s travel history, especially if they fly to corrupt bureaucracies, such as Russia or Turkey, where personal data is leaked en masse, said a contact from a private-intelligence firm.
EUobserver saw Russian diplomats’ medical records, banking and tax data, traffic violations, and dating website usernames when we investigated alleged Russian spies together with Belgian and Prague-based media in 2025.
You can also buy this in Western Europe, but it’s more expensive, said another contact in the private-intelligence sector. Sometimes, you can follow people’s movements with GPS-precision if they ever downloaded other apps, such as the once popular ‘Candy Crush’ game, on their phones, as this, for one, used to automatically update users’ locations to a cloud.
And there’s also in-real-life surveillance for hire, as in the case of a Kazakh refugee in Brussels, who was filmed with HD cameras through her windows by a British firm, followed by a car, and had her garbage intercepted.
“The [Belgian] law forbids almost everything we need to do in order to be effective, but everyone does it anyway,” said a Belgian private detective, in a modus operandi typical of the sector in Europe.
And going back to state actors, Israeli spyware, such as Pegasus, which costs hundreds of thousands of dollars, has also been used to target enemies of malign EU governments in the past, including journalists, which all makes you wonder how to hide your secrets these days.
Meanwhile, it’s a big wrench to communicate with people offline. So, unless it’s a very special case for which you make a big encryption effort, you just have to assume that everything you write online can be compromised if someone really goes after you, and consider that innocence is your best, if not only, self-defence in the era of digital panopticons.
Unlock article and share
Latest from Digital
Listen: EU fines against X – will Elon Musk comply with Brussels rules?
How Big Tech wrote secrecy into EU law to hide data centres’ environmental toll
Latest from EUobserver voice
Wind and solar cut EU electricity prices by 24% – but gas still rules market
Hungary wants to suspend €1m daily fine over asylum. Try following the rules?
Latest from Russia
With Orbán gone, now is time for EU to sanction Russia’s Patriarch Kirill
[Interview] Estonia’s spy chief: Russia cannot replenish fallen soldiers – they have a serious battlefield problem
Latest from Opinion
71 years without a military strategy, Germany just wrote one
‘Hormuz crisis shows need for new nuclear power’. Does it really, though?
Pegasus enables the attacker to turn a smartphone into a surveillance device (Source: EU Council)
Topics
Author Bio
Andrew Rettman is EUobserver’s foreign editor, writing about foreign and security issues since 2005. He is Polish, but grew up in the UK, and lives in Brussels. He has also written for The Guardian, The Times of London, and Intelligence Online.